silverlugs
join:2007-12-11
| Logging LAN User's URL's?
I need some way to log 4 users activities (URL's visited and time)
I'm on DSL w/4 port Westell A90-2400 four port router. It does have a connection "events log", but only seems to be logging one user's URL's, so essentually useless. I've tried searching the archives, but keep snagging unrelated topics. Any suggestions? |
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire | will the users be made aware of the monitoring?
Cudni |
|
silverlugs
join:2007-12-11 | Initially no. I suspect one of the four users is visiting inappropriate sites, so I'd like evidence before I chew someone's butt. |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T U-Verse
 ·AT&T Midwest
| reply to silverlugs
Set up your own DNS server, and turn on request logging. Then set that DNS server in your router, so it is the server given out by DHCP. I am assuming that your router can be configured for this.
If you can do that, the DNS request logs will show all DNS lookups. It won't give the urls, but it will have the hostnames. It won't show anything for urls that use a direct IP address rather than a hostname.
Note that the computer user can evade this monitoring by running his own DNS server, or by manually configuring DNS servers in his system.
--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.8 |
|
angussf
Premium
join:2002-01-11
Tucson, AZ
| reply to silverlugs
I use IPCop as my router, and you can see what goes on in the system logs. If you don't want to replce your router you could install one of the many parental-control packages in logging mode. Try a Google Search for "internet activity logger" »www.google.com/search?q=internet···y+logger
Just remember to set a "restore point" on the system before you install it so you can uninstall it cleanly. Also, IANAL but depending on your jurisdiction, you may need to have a formal written "Internet use" policy in place to discipline people. |
|
JohnInSJ
Premium
join:2003-09-22
San Jose, CA
 ·Comcast
| reply to silverlugs
you will need a real router/firewall to insert itself transparently on port 80 outbound from your lan to the internet. Running squid or some other web proxy will get you a log of all outbound urls. Running squid + dansguardian will allow you to simply block inappropriate sites.
--
My place : »www.schettino.us |
|
silverlugs
join:2007-12-11
| reply to silverlugs
Appreciate the suggestions all.
Before I jump into major changes, I'd like to know why my existing router doesn't display ALL traffic - if in deed it even can. The "Diagnostic Logs" in the router's config, states,
"Connection: List all events related to connection activity (Any traffic on the USB, Ethernet or DSL ports)."
I assume this to mean ALL ports, not just the owner/admin's machine (which is plugged into port #1). Would it make any difference if I tried cable swapping between the 4 ports?
|
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25 |  reply to silverlugs
Doesn't OpenDNS (requires an account) have this option? I think you can log and block bad sites (e.g., adult, porn, phishing). |
|
